What is CVE-2025-65099?

CVE-2025-65099 is a vulnerability in Anthropics Claude-code, classified under Code Injection. Published 2025-11-19.

Is CVE-2025-65099 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

RCE in Anthropics Claude-code

CVE-2025-65099

Claude Code is an agentic coding tool. Prior to version 1.0.39, when running on a machine with Yarn 3.0 or above, Claude Code could have been tricked to execute code contained in a project via yarn plugins before the user accepted the star…

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.001 (25.8th percentile) — read the EPSS interpretation.

Affected products

Anthropics Claude-code — versions < 1.0.39

Weakness classification (CWE)

CWE-94 — Code Injection

Public proof-of-concept exploits

b-faller/cve-2025-65099

References

https://github.com/anthropics/claude-code/security/advisories/GHSA-5hhx-v7f6-x7gv (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2025-65099?: CVE-2025-65099 is a vulnerability in Anthropics Claude-code, classified under Code Injection. Published 2025-11-19.
Is CVE-2025-65099 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.